WebClientOptions SSLTrustStore is transient

Author: rbri

src/changes/changes.xml

@@ -8,6 +8,9 @@
 
     <body>
         <release version="4.9.0" date="February xx, 2025" description="Chrome/Edge 132, Firefox 134, BigInt, Bugfixes">
+            <action type="fix" dev="rbri">
+                WebClientOptions SSLTrustStore is transient.
+            </action>
             <action type="fix" dev="rbri">
                 WebClientOptions.Geolocation is serializable now
             </action>

src/main/java/org/htmlunit/WebClientOptions.java

@@ -55,7 +55,7 @@ public class WebClientOptions implements Serializable {
 
     private KeyStore sslClientCertificateStore_;
     private char[] sslClientCertificatePassword_;
-    private KeyStore sslTrustStore_;
+    private transient KeyStore sslTrustStore_;
     private String[] sslClientProtocols_;
     private String[] sslClientCipherSuites_;
 
@@ -541,6 +541,7 @@ public String getSSLInsecureProtocol() {
     /**
      * Sets the SSL server certificate trust store. All server certificates will be validated against
      * this trust store.
+     * <p>This property is transient (because KeyStore is not serializable)
      * <p>
      * The needed parameters are used to construct a {@link java.security.KeyStore}.
      *
@@ -564,6 +565,7 @@ void setSSLTrustStore(final KeyStore keyStore) {
 
     /**
      * Gets the SSL TrustStore.
+     * <p>This property is transient (because KeyStore is not serializable)
      * @return the SSL TrustStore for insecure SSL connections
      */
     public KeyStore getSSLTrustStore() {

src/test/java/org/htmlunit/WebClientOptionsTest.java

@@ -14,6 +14,8 @@
  */
 package org.htmlunit;
 
+import java.security.KeyStore;
+
 import javax.net.ssl.SSLContext;
 
 import org.apache.commons.lang3.SerializationUtils;
@@ -108,4 +110,20 @@ public void serializationSSLContextProvider() throws Exception {
 
         assertNull(deserialized.getSSLContext());
     }
+
+    /**
+     * @throws Exception if an error occurs
+     */
+    @Test
+    public void serializationSSLTrustStore() throws Exception {
+        final WebClientOptions original = new WebClientOptions();
+
+        final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+        original.setSSLTrustStore(keyStore);
+
+        final byte[] bytes = SerializationUtils.serialize(original);
+        final WebClientOptions deserialized = (WebClientOptions) SerializationUtils.deserialize(bytes);
+
+        assertNull(deserialized.getSSLTrustStore());
+    }
 }